An Analytical Approach to Steganalysis

First published August 2005 by James E. Wingate, CISSP-ISSEP, CISM, IAM Director, Steganography Analysis & Research Center www.sarc-wv.com Chad W. Davis Computer Security Engineer Backbone Security.Com www.backbonesecurity.com Introduction Rapidly evolving computer and networking technology coupled with a dramatic expansion in

Smart Anti-Forensics

First published June 2005 by Steven McLeod steven mcleod@ozemail com au May 2005 EXECUTIVE SUMMARY This paper highlights an oversight in the current industry best practice procedure for forensically duplicating a hard disk. A discussion is provided which demonstrates that

Data: The Basics of Computer Forensics

First published June 2005 by Edward Pscheidt www.edwardpscheidt.com Everything is created on a computer. To be more precise, almost everything that is the subject of litigation was created on a computer. Be they letters, blueprints or company books, the vast

An Investigation Into Computer Forensic Tools

First published June 2005 K.K. Arthur & H.S. Venter Information and Computer Security Architectures (ICSA) Research Group Department of Computer Science University of Pretoria Pretoria This material is based upon work supported by Telkom, IST and the NRF through THRIP.

Developing A Framework For Evaluating Computer Forensic Tools

First published May 2005 by Colin Armstrong Curtin University of Technology School of Information Systems WA Australia Abstract Forensic science is the application of science to those criminal and civil laws that are enforced by police agencies in a criminal

The Forensic Chain of Evidence Model

First published May 2005 Improving the Process of Evidence Collection in Incident Handling Procedures by Atif Ahmad Department of Information Systems, University of Melbourne, Parkville, VIC 3010, Australia Abstract This paper suggests that administrators form a new way of conceptualizing

The Essentials Of Computer Discovery

First published May 2005 by Joan E. Feldman, President Computer Forensics Inc. www.forensics.com I. INTRODUCTION Chances are good that the date you scheduled, the letter you wrote, and the inter-office message you just read have all been recorded on magnetic

Description of the FAT fsstat Output

First published May 2005 by Brian Carrier reproduced with permission from The Sleuth Kit Informer, Issue 18 Overview The output of many TSK tools is relatively easy to understand because each tool has a specific focus. For example, the outut

MFP: The Mobile Forensic Platform

First published May 2005 Frank Adelstein Senior Principal Scientist, ATC-NY Abstract Digital forensics experts perform investigations of machines for “triage” to see if there is a problem, as well as to gather evidence and run analyses. When the machines to

Computer Forensics 101

First published May 2005 By Susan Steen and Johnette Hassell, Ph.D. Electronic Evidence Retrieval, LLC www.electronicevidenceretrieval.com Thirty years ago computers were colossal machines utilized only by government agencies and prodigious corporations. These early machines were so large and complex that

Learning from Other’s Mistakes: Issues Arising from Electronic Discovery

First published May 2005 by Setec Investigations http://www.setecinvestigations.com Computer forensics and the associated electronic evidence and electronic discovery are relatively new to the litigation game. The use of such information is growing steadily and it has become impossible for legal

Collecting And Preserving Electronic Media

First published May 2005 by Joan E. Feldman, President Computer Forensics Inc. http://www.forensics.com The discovery process in civil litigation has always been a critical and sometimes confusing area for attorneys. Most attorneys have wondered, at one time or another, whether

Job hunting advice for UK computer forensics professionals

First published April 2005 by David Sullivan www.appointments-uk.co.uk David@appointments-uk.co.uk This short article is aimed at Computer Forensic Professionals based in the UK who are considering looking for a new job. Introduction A number of the posts on Forensic Focus relate

Data Recovery Handling Tips & ESD Precaution

First published April 2005 by ActionFront Data Recovery Labs www.ActionFront.com Data Recovery Handling Tips & ESD Precaution Mishandling is a leading cause of hard disk drive failure. ESD (Electrostatic Discharge) A familiar form of Electrostatic Discharge, often called “static electricity”,

Beware Do-it-Yourself Data Recovery Solutions and Products

First published April 2005 by ActionFront Data Recovery Labs www.ActionFront.com Do-It-Yourself data recovery software may complicate your problems and diminish the prospects of a successful recovery. The object of many fix/doctor/repair programs is to try to make the drive, file-system